Rootkits are hard to detect because they employ advanced stealth techniques to hide their presence. They can conceal processes, files, and network activities by altering system calls and kernel data structures. The deep system knowledge and specialized tools required for low-level analysis make rootkit detection complex and resource-intensive. Limited visibility of standard security tools further complicates the identification of rootkits. However, This week I'm going to talk about how to identify root kits on a Linux systems using only the command line.